Protection · API Key Detection
Caught before it becomes a headline.
Developers and power users routinely paste infrastructure credentials into AI chat to debug integrations. A single leaked AWS access key can be picked up by automated scanners and run up tens of thousands of dollars in charges before anyone notices. Ventrin intercepts known key formats and high-entropy tokens before the prompt leaves the browser.
Detection approach
Pattern. Entropy. Block.
A pattern library covers 20+ providers.
Each major cloud and AI platform issues keys with a distinctive prefix and structure. Ventrin maintains a regularly updated pattern library covering AWS access keys (AKIA...), GCP service accounts, Azure SAS tokens, OpenAI (sk-...), Anthropic (sk-ant-...), Stripe (sk_live_...), GitHub personal access tokens (ghp_...), Twilio auth tokens and more. New provider formats are added with each extension release.
Entropy analysis catches custom tokens.
Beyond known patterns, Ventrin computes the Shannon entropy of candidate token strings. High-randomness sequences, typical of secrets, bearer tokens and private keys, are flagged even when they match no known provider format. This catches tokens from internal systems, custom auth schemes and freshly rotated credentials that fall outside the pattern library.
Blocked with context — not just refused.
When a key is detected, the user sees exactly what was found, which provider it belongs to, and why it was blocked. The prompt is held — not silently discarded — and the user can choose to remove the key and resend. Every detection event is logged in the admin dashboard with the key type, not the key value.
The threat is real
It's not malice. It's habit.
The majority of credential exposures through AI tools aren't caused by bad actors. They're caused by developers who've been pasting credentials into debug sessions for years — and the habit carried across to the new generation of tools. Ventrin treats this as a workflow problem, not a security theatre exercise.
- Detects keys pasted inline, in code blocks, and inside JSON payloads
- Context-aware: distinguishes placeholder values (repeated or otherwise low-entropy strings) from live credentials using entropy scoring
- Works on ChatGPT, Claude, Gemini, Copilot and internal tools via API Gateway
- Admin dashboard shows key type frequency — which providers your team is most commonly exposing
Provider detection coverage · 20+ formats
| Provider | Key prefix / format | Example pattern | Detection method | Risk if exposed |
|---|---|---|---|---|
| OpenAI | sk- + 48 chars | sk-proj-… | Prefix + length | Full API billing access |
| Anthropic | sk-ant- + base64 | sk-ant-api03-… | Prefix + entropy | Full API billing access |
| AWS IAM | AKIA + 16 alphanum | AKIAIOSFODNN7… | Prefix + charset | Full account / S3 access |
| Google Cloud | AIza + 35 chars | AIzaSy… | Prefix + length | Project billing exposure |
| Azure | 32 hex + subscription UUID | xxxxxxxx-xxxx-… | UUID + entropy | Subscription access |
| GitHub | ghp_ / gho_ / ghs_ | ghp_16C7e42F… | Prefix + length | Repo read/write access |
| Stripe | sk_live_ / pk_live_ | sk_live_51H… | Prefix + mode tag | Payment data / charges |
| Twilio | SK + 32 hex SID | SKxxxxxxxx… | Prefix + entropy | SMS/calls billing |
| Slack | xoxb- / xoxp- | xoxb-1234-… | Prefix match | Workspace data read |
| SendGrid | SG. + base64 | SG.xxxx.yyyy | Prefix + structure | Email delivery abuse |
| HuggingFace | hf_ + alphanumeric | hf_aBcDe… | Prefix + entropy | Model API / dataset access |
| Datadog / PagerDuty | 40-char hex | c44f…a892 | High-entropy detection | Observability / alert data |
| Custom / unknown | 32–64 char high-entropy string | (any format) | Shannon entropy ≥ 4.5 bits/char | Flagged for admin review |
Detection library updated with each extension release. Custom patterns configurable via Policy Engine for internal credentials, database connection strings, and private certificate material.
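To make the pattern-then-entropy-then-block flow concrete, including the placeholder-versus-live distinction and the log-the-type-not-the-value rule, here is an added example of such a scanner in JavaScript. It is illustrative code written for this page, not Ventrin's extension source. The provider regexes follow the prefixes in the coverage table, and the 4.5 bits/char threshold for unknown tokens is the table's own figure; the exact token lengths, the 2.5 bits/char placeholder cut-off, the candidate-token shape, the sample prompt and every function name are assumptions.

```javascript
// Added example for this page, not Ventrin's extension code. Prompt text is
// scanned before it is sent: known-provider regexes first, then a Shannon-
// entropy pass over leftover token-shaped strings. Lengths, thresholds and
// names are assumptions; prefixes follow the page's coverage table.

// Most specific first, so "sk-ant-" is not also reported as an OpenAI "sk-" key.
// prefixLen = fixed branding chars; entropy is scored over the remainder.
const PROVIDER_PATTERNS = [
  { provider: "Anthropic", regex: /\bsk-ant-[A-Za-z0-9_-]{24,}/g,       prefixLen: 7, method: "prefix + entropy" },
  { provider: "OpenAI",    regex: /\bsk-(?:proj-)?[A-Za-z0-9_-]{40,}/g, prefixLen: 3, method: "prefix + length" },
  { provider: "AWS IAM",   regex: /\bAKIA[0-9A-Z]{16}\b/g,              prefixLen: 4, method: "prefix + charset" },
  { provider: "GitHub",    regex: /\bgh[pos]_[A-Za-z0-9]{36}\b/g,       prefixLen: 4, method: "prefix + length" },
  { provider: "Stripe",    regex: /\b[sp]k_live_[A-Za-z0-9]{24,}\b/g,    prefixLen: 8, method: "prefix + mode tag" },
  { provider: "Slack",     regex: /\bxox[bp]-[0-9A-Za-z-]{10,}/g,        prefixLen: 5, method: "prefix match" },
];

const ENTROPY_BLOCK = 4.5;       // bits/char for unknown tokens (the coverage table's threshold)
const ENTROPY_PLACEHOLDER = 2.5; // assumed: below this a prefixed key is treated as an example value
const CANDIDATE_RE = /[A-Za-z0-9+\/_-]{32,64}/g; // assumed token shape for the entropy pass

// Shannon entropy in bits per character: H = -sum(p_i * log2(p_i)).
function shannonEntropy(s) {
  if (s.length === 0) return 0;
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) ?? 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

function overlaps(spans, start, end) {
  return spans.some(([s, e]) => start < e && end > s);
}

// Returns findings in prompt order. Pattern hits get a placeholder check; any
// leftover token-shaped string that is random enough becomes a generic hit.
function scanPrompt(text) {
  const findings = [];
  const covered = [];
  for (const { provider, regex, prefixLen, method } of PROVIDER_PATTERNS) {
    for (const m of text.matchAll(regex)) {
      const start = m.index, end = start + m[0].length;
      if (overlaps(covered, start, end)) continue;
      covered.push([start, end]);
      const entropy = shannonEntropy(m[0].slice(prefixLen));
      const placeholder = entropy < ENTROPY_PLACEHOLDER;
      findings.push({ provider, method, start, end, value: m[0], entropy, placeholder,
                      action: placeholder ? "warn" : "block" });
    }
  }
  for (const m of text.matchAll(CANDIDATE_RE)) {
    const start = m.index, end = start + m[0].length;
    if (overlaps(covered, start, end)) continue;
    const entropy = shannonEntropy(m[0]);
    if (entropy < ENTROPY_BLOCK) continue;
    covered.push([start, end]);
    findings.push({ provider: "Custom / unknown", method: "Shannon entropy", start, end,
                    value: m[0], entropy, placeholder: false, action: "block" });
  }
  return findings.sort((a, b) => a.start - b.start);
}

// User-facing message: provider, reason and a masked preview, never the whole key.
function describeFinding(f) {
  const preview = f.value.slice(0, 6) + "...";
  const why = f.placeholder
    ? `looks like a ${f.provider} placeholder (low entropy); confirm before sending`
    : `matches ${f.provider} (${f.method}); prompt held until it is removed`;
  return `${f.action.toUpperCase()} ${preview} ${why}`;
}

// Audit record: key type, method and score only. No value field at all.
function auditRecord(f) {
  return { provider: f.provider, method: f.method, action: f.action, entropy: Number(f.entropy.toFixed(2)) };
}

// Send-handler gate: hold the prompt while any finding is a block.
function shouldHold(findings) {
  return findings.some((f) => f.action === "block");
}

// Constructed sample prompt: AWS's public docs example key, a made-up internal
// token with no known prefix, an obvious Stripe placeholder, and a URL path that
// is token-shaped (34 chars) but too regular to reach the entropy threshold.
const SAMPLE_PROMPT = [
  "My S3 upload fails, here is my config:",
  "--- config.json ---",
  '{ "accessKeyId": "AKIAIOSFODNN7EXAMPLE",',
  '  "internalToken": "Qx7pLm2vZn9rTb4wKe8yHs3uJc6gNd1fAo5iBk0z" }',
  "The docs say to use sk_live_" + "x".repeat(24) + " as a placeholder.",
  "Compare https://example.com/some/long/path/without/secrets",
].join("\n");

const demoFindings = scanPrompt(SAMPLE_PROMPT);
for (const f of demoFindings) console.log(describeFinding(f));
console.log(JSON.stringify(demoFindings.map(auditRecord)));
console.log("hold prompt:", shouldHold(demoFindings));
```

Two things the sample makes visible. The all-x Stripe string scores 0 bits/char after its prefix and is downgraded to a warning, while the internal token with no recognisable prefix scores about 5.3 bits/char and is blocked on entropy alone. But AWS's own documentation example key still scores about 3.6 bits/char and is blocked like a real one: entropy separates obvious placeholders from random material, not realistic-looking sample keys from live ones, so the hold-and-confirm step in the UI matters. The audit record never carries the matched value, only the provider, method and score.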
Stop credentials leaving your network.
Install in two minutes. Credential detection starts immediately.
Manifest V3 · Local detection · No prompt storage by default.